Risk

It is impossible to talk about System Safety without a discussion of Risk. Risk generally has two components: a probability of an event taking place, and the severity of the loss if the event does take place. The description of the event can be considered a third element. NASA does this in their Probabilistic Risk Assessment handbook (calling the resulting three-part description a "triplet").

Risk can be reduced to a probability if it is possible to assume what the level of loss is. Manufacturers of commercial aircraft do this when evaluating risk for FAA certification because the level of loss (such as Catastrophic) is specified, leaving only the probability number to be evaluated.

Other industries also evaluate Risk. The financial industry uses the variability of the price of an asset as a measure of risk. This is a probability measure (of course the value invested in the asset represents a worst-case loss). Project managers evaluate risk in a way similar to System Safety but they look at losses involving budget and schedule in addition to "hazards".

At the highest level, society must decide what level of risk imposed by a system or technology is acceptable. One method of doing this is to compare the risk associated with the new system against the risk of similar systems. A graph of severity vs. probability will show constant risk lines sloping down and to the right, as in the FN (or Farmer) diagram below (from the WASH1400 report). If the new system is in an area similar to, or below existing systems, then the risk is likely to be acceptable.